The Top 15 Security Posts – Vetted & Curated
*Threats & Defense*
1. Virginia’s Largest School System Hit With Ransomware (Dark Reading, Sep 14 2020)
Fairfax County Public Schools has launched an investigation following a ransomware attack on some of its technology systems.
2. Russian state hackers are targeting Biden and Trump campaigns, MSFT warns (Ars Technica, Sep 11 2020)
Russia’s most notorious hacking group is using new techniques to breach accounts.
3. Attackers Fight for Control of Sites Targeted in File Manager Vulnerability (Wordfence, Sep 10 2020)
Last week, we covered a vulnerability in the File Manager plugin installed on over 700,000 WordPress sites. By Friday, September 4, 2020, we recorded attacks on over 1.7 million sites, and by today, September 10, 2020 the total number of sites attacked has increased to over 2.6 million. We’ve seen evidence of multiple threat actors …
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~16,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
*AI, IoT, & Mobile Security*
4. Researchers, Companies Slam Mobile Voting Firm Voatz (Dark Reading, Sep 14 2020)
In a letter, almost 70 different security firms and individual researchers criticize Voatz for misrepresenting to the US Supreme Court widely accepted security research practices.
5. Here Are Detailed Photos of iPhone Unlocking Tech GrayKey (VICE, Sep 14 2020)
New pictures of the outside—and inside—of the GrayKey iPhone unlocking device have been published by the FCC.
6. How AI caught hackers crypto-mining on a biometric access server in an empty office (Darktrace Blog, Sep 10 2020)
Darktrace recently detected a cyber-attack that used the processing power of a biometric scanner to mine for cryptocurrency. The activity occurred while the office was closed due to COVID-19, but Cyber AI detected the anomalous behavior in real time.
*Cloud Security, DevOps, AppSec*
7. Research Finds Nearly 800,000 Access Keys Exposed Online (Dark Reading, Sep 15 2020)
The researchers searched approximately 150 million entities across GitHub, GitLab, and Pastebin during a 30-day period in August and September to find the roughly 800,000 keys. They discovered that more than 40% of the keys were database keys while 38% were for cloud services. Redis was the most common database involved, while Google Cloud API was the most common cloud service key.
8. Large Cloud Providers Much Less Likely Than Enterprises to Get Breached (Dark Reading, Sep 14 2020)
Pen-test results also show a majority of organizations have few protections against attackers already on the network.
9. Microsoft Releases Open Source Fuzzing Framework for Azure (SecurityWeek, Sep 15 2020)
Microsoft on Tuesday announced the release of Project OneFuzz, an open source fuzzing framework for Azure that the tech giant has been using internally for the past year to find and patch bugs.
*Identity Mgt & Web Fraud*
10. When you find the Australian Prime Minister’s passport number (Alex, Sep 17 2020)
This is one of my favorite reads. Aside from lots of really funny lines, it highlights the curiosity that’s needed in the infosec world. “You know how they say to commit a crime (which once again I insist did not happen in my case) you need means, motive, and opportunity? Means is the ability to use right click > Inspect Element, motive is hubris, and opportunity is the dumb luck of having my friend message me the Instagram post.”
11. Zoom Brings Two-Factor Authentication to All Users (Dark Reading, Sep 10 2020)
This marks the latest step Zoom has taken to improve user security as more employees work from home.
12. Safari 14: New privacy and security features (Help Net Security, Sep 17 2020)
Apple has released Safari 14, which features many functional improvements, a Privacy Report that shows all the trackers the browser has neutralized, and and does not support Adobe Flash anymore. New features Safari 14 sports a redesign of the tab bar, which now displays site favicons by default and previews of the contents of some pages (when the user hovers over a tab), and a customizable start page.
13. CISA Named Top-Level Root CVE Numbering Authority (SecurityWeek, Sep 17 2020)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA) and it will be overseeing CNAs that assign CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices.
14. #GartnerSEC: Top Projects for 2020 Include Authentication, Risk Management and Cloud (Infosecurity Magazine, Sep 14 2020)
Gartner’s top projects for security and risk for the next year
15. Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack (Krebs on Security, Sep 17 2020)
The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and "supply chain" attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.